Alfresco Transform Service
Vulnerabilities
3
Known exploited
0
Max CVSS
9.3
Top EPSS
0.00544
Severity breakdown
Critical
1
High
1
Medium
1
Low
0
Affected version ranges
< 4.2.3< 4.3
Also matched as (raw): alfresco_transform_service
Top vulnerabilities
CVE-2026-26339Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality.
CVE-2026-26337Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal.
CVE-2026-26338Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.